CVE-2010-2071

The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linuxkernel 2.6.34 and earlier does not check file ownership before setting anACL, which allows local users to bypass file permissions by settingarbitrary ACLs, as demonstrated using setfacl.